app 4

Member

Posts:Location:Joined: 01.01.70 Rank: Guest

Posted on 29-10-05 21:49

hi ever1 this is my first post! anyways, i need some help with app4. i got apps 1 and 3 just by using a hex editor and finding the clues. this one, however, i have no clue what to look for with a hex. i also tried reshacker (didnt work), and the olly debugger. the debugger is very complicated for me. i've been experimenting with it and i used google (of course!), but i dont seem to be getting anywhere. any GOOD help would be great, also i dont want any spoilers because they suck.

RE: ollydebug

Member

Posts:Location:Joined: 01.01.70 Rank: Guest

Posted on 29-10-05 23:48

it's a shame you don't like olly...almost all app challenges use olly (or at least it helps)...and this one's no exception.

btw, a lil hint: the challenge says find the password, so we know the password is somewhere, we just have to find it. If you open a prog in olly, and then right click, you can search for things. Try that...see if anything jumps out at you as useful

Author

RE: app #4

Member

Posts:Location:Joined: 01.01.70 Rank: Guest

Posted on 30-10-05 01:22

i'm looking everywhere with olly. i see a bunch of "passwords" but none of them are the actual Password. I dunno i think this is a case of complete lazieness for me so i'm gonna search for some more info on how to use olly. the only prob is that i'm not sure what im looking for. i mean like i said, i see "password" everywhere, but theres like... 13 thousand lines? so what exactly am i looking for? there needs to be an atricle on how to use olly!!!

Author

RE: app #4

Member

Posts:Location:Joined: 01.01.70 Rank: Guest

Posted on 30-10-05 10:24

First, the crackit pass is not the solution for the chall. So dont waste your time to enter in the submit box of HBH's chall all what you find in the crackme !

How can you find teh cracit pass ?
You can look for the API comparing what you entered and the good password. In VB, it is __vbastrcmp ( STRing CoMParison). If you look at the code just above, you 'll find a PUSH putting on the stack one argument for the strcmp (your pass you entered), another PUSH putting on the stack the other argument (the right password).

If you use Olly (other progs may be useful for VB apps), you also can find the pass of the crackit ... just reading the string data references.

But this second way is not very useful to you... if you really want to learn and become better and better. And this kind of crackme is very useful for beginners because it's very easy and clean. So, even you find the crackit pass just reading the SDR, please, spend a few moments to have a look to the code to understand how it works and tell you 'badboy" or "goodboy". As a beginner, you will learn a lot of it. Other crackmes on this site can be used in the same way. Then go on working with Olly : there are tons of crackmes on the net to learn about that.

Hope that helps.

Edited by on 30-10-05 10:29

Hellbound Hackers is the collective work of the staff and the community and is therefore licensed under the CC BY-NC-SA license.